Checking date: 26/04/2020


Course: 2019/2020

Public information security management
(17433)
Bachelor in Management of Public Security (Plan: 377 - Estudio: 341)


Coordinating teacher: RIBAGORDA GARNACHO, ARTURO

Department assigned to the subject: Computer Science and Engineering Department

Type: Compulsory
ECTS Credits: 6.0 ECTS

Course:
Semester:




Requirements (Subjects that are assumed to be known)
There are no requirements.
- Analyze the threats and vulnerabilities of an information system and apply the appropriate protection measures.
- Know the organization and structure of cybersecurity in the State.
- Know the de jure or de facto schemes of international, European and national security standardization.
- Manage the security of an information system.
- Design a comprehensive information security plan.
- Analyze and manage the risks of a specific installation.
- Prepare a training plan on information security.
- Audit the security of an information system, with special emphasis on personal data.
- Know the national, European and NATO schemes for the classification of information, as well as its protection, maintenance and declassification.
Description of contents: programme
1. Security of information in the State.
2. Introduction to information security.
3. Standardization, homologation, evaluation, certification and accreditation. Legal framework.
4. The Information Security Management System. Family ISO 27XXX.
5. The integral security plan for information systems.
6. Risk analysis and management. The MAGERIT method. The PILAR tool.
7. Training and awareness plans.
8. Classification of information.
9. Legal aspects related to security management.
10. Audit of the management of security and personal data.
Learning activities and methodology
The training activities include:
1. Lectures, individual or group tutorials, personal work and student presentations, including theoretical and practical tests and examinations. To facilitate their development, students receive class notes in the appropriate web tool and have basic reference texts that allow them to complete and deepen the most important or more fundamental issues.
2. Practice, individual tutorials and personal work, including tests and examinations. All of it is aimed at the acquisition of practical skills related to the program for each subject.
Assessment System
  • % end-of-term examination: 50
  • % of continuous assessment (assignments, laboratory, practicals...): 50

Basic Bibliography
  • Autoridad delegada para la protección de la información clasificada. Normas de la Autoridad nacional para la protección de la información clasificada. Ministerio de la Presidencia. 2014
  • C.M. Fernández Sánchez y M. Piattini Velthuis. Modelo para el gobierno de las TIC basado en las normas ISO. AENOR. 2012
  • L. Gómez Fernández; P.P. Fernández Rivero. Cómo implantar un SGSI según UNE-ISO/IEC 27001:2014 y su aplicación en el ENS. AENOR. 2015
  • Norma UNE-ISO/IEC 27002:2015. UNE. 2015
  • Norma UNE-ISO/IEC 27000:2014. UNE. 2014
  • Norma UNE-ISO/IEC 27001:2014. UNE. 2014
  • A. Ribagorda. Seguridad de la información. Curso Complementos de Formación (2ª edición). Centro Universitario de la Guardia Civil.
Electronic Resources *
Detailed subject contents or complementary information about assessment system of B.T.
(*) Access to some electronic resources may be restricted to members of the university community and require validation through Campus Global. If you try to connect from outside the University, you will need to set up a VPN.


The course syllabus may change due to academic events or other reasons.


More information: http://www.seg.inf.uc3m.es